Software security practices vary greatly among companies depending on their stage of maturity, the industries they serve, and decisions made at business and IT levels. When budgets don’t allow for full-time security experts, businesses must decide who manages the risks.
VP Rohit Sethi quoted in Smartbear "Software Security: Balancing Resources and Risks"
Security and software have to go hand in hand, but not all teams are equally equipped. Some organizations retain security experts, some hire consultants, some use multitasking developers. If your company can’t afford a dedicated security expert or team, consider these points.